Incremental patches can be downloaded by following the provided links below. These patch sets contain only the files that have changed between the previous release and this update. The previous release version that these patch sets are designed for is clearly indicated as the first and smaller number.

This Advisory provides resolution for several security issues, all of which were either reported privately via the Security Bounty Program or found internally by the WHMCS Development team as part of the regular on-going internal security audits.

There is no reason to believe that any of these vulnerabilities are known to the public. As such, WHMCS will only release limited information about the vulnerabilities at this time.

Once sufficient time has passed, WHMCS will release additional information about the nature of the security issues.